wwwdenizbank-mobilgirisi2021.com Open in urlscan Pro
2606:4700:3034::6815:23b9 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://wwwdenizbank-mobilgirisi2021.com/
Submission: On March 19 via api (March 19th 2021, 7:35:38 am UTC) from NL

Summary HTTP 19 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3034::6815:23b9, located in United States and belongs to CLOUDFLARENET, US. The main domain is wwwdenizbank-mobilgirisi2021.com.

This is the only time wwwdenizbank-mobilgirisi2021.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Turkish Government (Government) BDDK (Banking)

Domain & IP information

	IP Address	AS Autonomous System
18	2606:4700:303... 2606:4700:3034::6815:23b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	31.3.2.109 31.3.2.109	21245 (NETSA-AS) (NETSA-AS)
19	2

18 2606:4700:3034::6815:23b9 (United States)

ASN13335 (CLOUDFLARENET, US)

wwwdenizbank-mobilgirisi2021.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.3.2.109 (Turkey)

ASN21245 (NETSA-AS, TR)

cdn.e-devlet.gov.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	wwwdenizbank-mobilgirisi2021.com wwwdenizbank-mobilgirisi2021.com	58 KB
1	e-devlet.gov.tr cdn.e-devlet.gov.tr	4 KB
19	2

	Domain	Requested by
18	wwwdenizbank-mobilgirisi2021.com	wwwdenizbank-mobilgirisi2021.com
1	cdn.e-devlet.gov.tr	wwwdenizbank-mobilgirisi2021.com
19	2

This site contains links to these domains. Also see Links.

Domain
giris.turkiye.gov.tr
www.turkiye.gov.tr

Subject Issuer	Validity	Valid
cdn.e-devlet.gov.tr GlobalSign RSA OV SSL CA 2018	`2020-02-28` - `2022-02-28`	2 years	crt.sh

This page contains 1 frames:

Primary Page: http://wwwdenizbank-mobilgirisi2021.com/
Frame ID: 70200CD1CF44B27B1FAEBB4CDCBA4E77
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

19
Requests

5 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

61 kB
Transfer

216 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://giris.turkiye.gov.tr/
Title: Ä°çeriğe Git

Search URL Search Domain Scan URL

URL: https://www.turkiye.gov.tr/iletisim?hizli=CozumMerkezi2
Title: Hızlı Çözüm Merkezi

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response wwwdenizbank-mobilgirisi2021.com/	11 KB 5 KB	479ms 462ms	Document text/html	2606:4700:3034::6815:23b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://wwwdenizbank-mobilgirisi2021.com/ Protocol HTTP/1.1 Server 2606:4700:3034::6815:23b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cfb8a9caefce53e4f22c19370b30501833b12ff39d92cfb389656886985a8531` Request headers Host wwwdenizbank-mobilgirisi2021.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 19 Mar 2021 07:35:17 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=d9e7f06e504f83f2065dbc6d94900044a1616139317; expires=Sun, 18-Apr-21 07:35:17 GMT; path=/; domain=.wwwdenizbank-mobilgirisi2021.com; HttpOnly; SameSite=Lax CF-Cache-Status DYNAMIC cf-request-id 08eb02085c0000dffb10a30000000001 Report-To {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Xl0EFYBucaVTjXIPFOC7LLPm0WQQ3Ofq9KpcZCALZlHOZLM%2BGJ9YxNXifwFpoP5jd%2FI4Y1e3EbUqJjP%2FZnDsKuzyU4cO4ArN7ngFmzVutnqxbGxJRbTWiYMAOiawCtvSxXdZMe1b5jR2%2FE3GvA%3D%3D"}]} NEL {"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 632505ed6bc0dffb-FRA Content-Encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	base.css wwwdenizbank-mobilgirisi2021.com/index_files/	125 KB 21 KB	835ms 830ms	Stylesheet text/css	2606:4700:3034::6815:23b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://wwwdenizbank-mobilgirisi2021.com/index_files/base.css Requested by Host: wwwdenizbank-mobilgirisi2021.com URL: http://wwwdenizbank-mobilgirisi2021.com/ Protocol HTTP/1.1 Server 2606:4700:3034::6815:23b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `73f7279807a6872a399e9f1b335ddf2a847f29784d4f769adfe18e0f96c0f232` Request headers Referer http://wwwdenizbank-mobilgirisi2021.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 19 Mar 2021 07:35:18 GMT Content-Encoding gzip CF-Cache-Status MISS Last-Modified Mon, 05 Oct 2020 08:36:20 GMT Server cloudflare Vary Accept-Encoding Report-To {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FiHeVr3ABGRhUuYR7Zqn1qLCVL5%2F2mNbOT6FgXH8HDez%2FS4rK28ffGPTiKQAjgSOLEccL%2BPGmZ3eMew590p%2FZ6Fr3cehvP1NX4AIUR0%2FU2pxLXmu3RU2caoM5cRTEulBblrFSBPdcQu5Gh05yw%3D%3D"}]} Content-Type text/css alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 632505f05e67dffb-FRA NEL {"report_to":"cf-nel","max_age":604800} cf-request-id 08eb020a340000dffb258ad000000001
GET H/1.1	200 OK	header.js Show response wwwdenizbank-mobilgirisi2021.com/index_files/	10 KB 5 KB	360ms 354ms	Script application/javascript	2606:4700:3034::6815:23b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://wwwdenizbank-mobilgirisi2021.com/index_files/header.js Requested by Host: wwwdenizbank-mobilgirisi2021.com URL: http://wwwdenizbank-mobilgirisi2021.com/ Protocol HTTP/1.1 Server 2606:4700:3034::6815:23b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5e002677cbc74b8ece199259c3000ad851348079c777165d04d76e7a28e0ca48` Request headers Referer http://wwwdenizbank-mobilgirisi2021.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 19 Mar 2021 07:35:18 GMT Content-Encoding gzip CF-Cache-Status MISS Last-Modified Mon, 05 Oct 2020 08:36:20 GMT Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9hO6q%2BNFqchcxnpiAJo1f08G1ZBc1bkdBHRl1pbOwoExlFrbDldBlG72PTgsxL3p9dxQvelpXIaR21hIWILjE25o0BvYjLbiAbpJEOAFK6J8WSRGHaJk%2BERGurnp8dUJaFBHqATkM%2F7JeapnEw%3D%3D"}],"max_age":604800,"group":"cf-nel"} Content-Type application/javascript alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 632505f05a9c2c26-FRA NEL {"max_age":604800,"report_to":"cf-nel"} cf-request-id 08eb020a3600002c2603383000000001
GET H/1.1	200 OK	giris.css wwwdenizbank-mobilgirisi2021.com/index_files/	44 KB 8 KB	686ms 681ms	Stylesheet text/css	2606:4700:3034::6815:23b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://wwwdenizbank-mobilgirisi2021.com/index_files/giris.css Requested by Host: wwwdenizbank-mobilgirisi2021.com URL: http://wwwdenizbank-mobilgirisi2021.com/ Protocol HTTP/1.1 Server 2606:4700:3034::6815:23b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7240d65c7509f145e5147366d7393a1fd182cac4e950b15d2089c62b7e282d41` Request headers Referer http://wwwdenizbank-mobilgirisi2021.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 19 Mar 2021 07:35:18 GMT Content-Encoding gzip CF-Cache-Status MISS Last-Modified Mon, 05 Oct 2020 09:25:34 GMT Server cloudflare Vary Accept-Encoding Report-To {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YXDP9yljZRXwyjwHEOxXs5WcI0q0XJ%2F6WJPXUfpRQ2VsuS0gZLx9N50vVhdeRqpmx2QcbZ4q3hWEMODYGdu0BkuiI2F0ZBxxGe7S8I83x6uAXl9i2W1Rgt4r8xi7lmz9Qe1RkWs8kWXMDBgPzg%3D%3D"}],"max_age":604800} Content-Type text/css alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 632505f05aeb05d8-FRA NEL {"max_age":604800,"report_to":"cf-nel"} cf-request-id 08eb020a36000005d8f08d6000000001
GET H/1.1	200 OK	1.png wwwdenizbank-mobilgirisi2021.com/index_files/	2 KB 3 KB	347ms 346ms	Image image/png	2606:4700:3034::6815:23b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://wwwdenizbank-mobilgirisi2021.com/index_files/1.png Requested by Host: wwwdenizbank-mobilgirisi2021.com URL: http://wwwdenizbank-mobilgirisi2021.com/ Protocol HTTP/1.1 Server 2606:4700:3034::6815:23b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b2f75fb62c0bf3c51f8eebc14891cf56976638fda4b0d23f90e2ee6dbd8f3b18` Request headers Referer http://wwwdenizbank-mobilgirisi2021.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 19 Mar 2021 07:35:18 GMT CF-Cache-Status MISS Last-Modified Mon, 05 Oct 2020 08:36:20 GMT Server cloudflare Vary Accept-Encoding Report-To {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3JDOyY52rXA3Rh6jmdkhtGVrwdbX5nzQhLHYUs3EwewkE63c%2BvF3teAKWK4%2BcGuPVCaDpYFd%2FsbXo6ADYLGJDv5Xv3gmTaVlZD%2B%2BK%2BVVNmkpMBw2Qe8g4uFTyfdggWjqLKQq6Ee6FdTlX4Qp1Q%3D%3D"}],"max_age":604800} Content-Type image/png Cache-Control max-age=14400 NEL {"max_age":604800,"report_to":"cf-nel"} Connection keep-alive Accept-Ranges bytes CF-RAY 632505f498a105d8-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 1855 cf-request-id 08eb020ce1000005d8e4b8f000000001
GET H/1.1	200 OK	form-progress.svg wwwdenizbank-mobilgirisi2021.com/index_files/	1 KB 1 KB	341ms 340ms	Image image/svg+xml	2606:4700:3034::6815:23b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://wwwdenizbank-mobilgirisi2021.com/index_files/form-progress.svg Requested by Host: wwwdenizbank-mobilgirisi2021.com URL: http://wwwdenizbank-mobilgirisi2021.com/ Protocol HTTP/1.1 Server 2606:4700:3034::6815:23b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ff7498da718b1f50faeefae71e24ceadf4575da0692b84c9a1ad359daa1f2ff2` Request headers Referer http://wwwdenizbank-mobilgirisi2021.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 19 Mar 2021 07:35:18 GMT Content-Encoding gzip CF-Cache-Status MISS Last-Modified Mon, 05 Oct 2020 08:36:20 GMT Server cloudflare Vary Accept-Encoding Report-To {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lMcsRM9pjKYJHjlRW%2BXonKS2yc%2BisWbjVRbo94seyUQ1EQ%2FciVpMaUMx3ZPjOm1vajTLaNVbsws8S5Llu9uUVX4rD9uHSpHlfzL0q99%2Fz2%2BMUuSeMMh8jr%2FTAIlt%2FCgnPrCOYt341aqepKE4Ew%3D%3D"}]} Content-Type image/svg+xml alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 632505f58b2adffb-FRA NEL {"report_to":"cf-nel","max_age":604800} cf-request-id 08eb020d750000dffb3136c000000001
GET H/1.1	200 OK	bb-ubak-tsat-black.png wwwdenizbank-mobilgirisi2021.com/index_files/	15 KB 16 KB	346ms 346ms	Image image/png	2606:4700:3034::6815:23b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://wwwdenizbank-mobilgirisi2021.com/index_files/bb-ubak-tsat-black.png Requested by Host: wwwdenizbank-mobilgirisi2021.com URL: http://wwwdenizbank-mobilgirisi2021.com/ Protocol HTTP/1.1 Server 2606:4700:3034::6815:23b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a4745f259315892f1d3a76a0d8f524729e50ac83d4a8a53deda91970a1bf3dbb` Request headers Referer http://wwwdenizbank-mobilgirisi2021.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 19 Mar 2021 07:35:18 GMT CF-Cache-Status REVALIDATED Last-Modified Mon, 05 Oct 2020 08:36:20 GMT Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=taTxIXLlr7gf9jgUsJ5RqaE6RW9O0i7QKOluP3eVHutvDTQg8pbOKL1SV8KLlKQGQIP3TSFXpOaboDF4MPziAXEOmfruixaOE%2FOewnrbcq9qEAiBHAN7qc16I7xHnVnAgaXTa4g4osBwPWrZCw%3D%3D"}],"max_age":604800,"group":"cf-nel"} Content-Type image/png Cache-Control max-age=14400 NEL {"max_age":604800,"report_to":"cf-nel"} Connection keep-alive Accept-Ranges bytes CF-RAY 632505f599522c26-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 15120 cf-request-id 08eb020d8000002c2649a6e000000001
GET H2	200	edkkds.svg cdn.e-devlet.gov.tr/themes/izmir/images/	9 KB 4 KB	92ms 23ms	Image image/svg+xml	31.3.2.109 NETSA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.e-devlet.gov.tr/themes/izmir/images/edkkds.svg Requested by Host: wwwdenizbank-mobilgirisi2021.com URL: http://wwwdenizbank-mobilgirisi2021.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 31.3.2.109 , Turkey, ASN21245 (NETSA-AS, TR), Reverse DNS Software MNCDN-2143 / Resource Hash `39966ec7eea8f508184cef9f98895a0e8d74e3328a43cc8a93c528cfca888691` Request headers Referer http://wwwdenizbank-mobilgirisi2021.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 Mar 2021 07:35:18 GMT content-encoding gzip last-modified Fri, 05 Jan 2018 11:42:29 GMT server MNCDN-2143 x-mnrequest-id 7d766ae396c8d9afe61a4b56a0dff813 x-edge-location DE-372 etag W/"5a4f64a5-222a" x-cache-status Edge : HIT, vary Accept-Encoding, Accept-Encoding, User-Agent content-type image/svg+xml access-control-allow-origin * cache-control max-age=7776000 x-mserver 2200 expires Thu, 17 Jun 2021 07:35:18 GMT
GET H/1.1	404 Not Found	opensans-regular-webfont.1.woff wwwdenizbank-mobilgirisi2021.com/themes/izmir/fonts/	0 0	348ms 348ms	Font text/html	2606:4700:3034::6815:23b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://wwwdenizbank-mobilgirisi2021.com/themes/izmir/fonts/opensans-regular-webfont.1.woff Requested by Host: wwwdenizbank-mobilgirisi2021.com URL: http://wwwdenizbank-mobilgirisi2021.com/index_files/base.css Protocol HTTP/1.1 Server 2606:4700:3034::6815:23b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Origin http://wwwdenizbank-mobilgirisi2021.com Referer http://wwwdenizbank-mobilgirisi2021.com/index_files/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 19 Mar 2021 07:35:19 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qGyUuRgQvdkwIDClMae9AWiKQXeL4VNWcIVqSFjy826tuRH0%2FxJ1J53FJY5zoigNWChb0YOf4NiYCzYoMHrOsZL0AFReIrzDUbgdsi5L2vV%2FxjYcjdoAHEWPhoESx7wfRjTRNZF1a190etf89A%3D%3D"}],"max_age":604800} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 632505f5a95ce007-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08eb020d8a0000e00753845000000001
GET H/1.1	404 Not Found	button-right.1.svg wwwdenizbank-mobilgirisi2021.com/themes/izmir/images/	315 B 315 B	511ms 339ms	Image text/html	2606:4700:3034::6815:23b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://wwwdenizbank-mobilgirisi2021.com/themes/izmir/images/button-right.1.svg Requested by Host: wwwdenizbank-mobilgirisi2021.com URL: http://wwwdenizbank-mobilgirisi2021.com/index_files/giris.css Protocol HTTP/1.1 Server 2606:4700:3034::6815:23b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers Referer http://wwwdenizbank-mobilgirisi2021.com/index_files/giris.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 19 Mar 2021 07:35:19 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"max_age":604800,"report_to":"cf-nel"} Server cloudflare Vary Accept-Encoding Report-To {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wivF5woBjvPunuxUIzftIxaNqwgnwaFhoh9ZP0HeqDCDrrd3GDqiAZoVAS0Dh6AUh8d%2Bb8vDTchwkEmP0NOdmobjCiq5rSvQw3gIqJ4PBDSH5nxv9qRKMtQJJ%2BO11LFA%2FV7ZXp5s0eyxF2kgRQ%3D%3D"}],"max_age":604800} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 632505f6cb0e05d8-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08eb020e3c000005d83b228000000001
GET H/1.1	404 Not Found	arrow-left.1.svg wwwdenizbank-mobilgirisi2021.com/themes/izmir/images/	315 B 315 B	661ms 348ms	Image text/html	2606:4700:3034::6815:23b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://wwwdenizbank-mobilgirisi2021.com/themes/izmir/images/arrow-left.1.svg Requested by Host: wwwdenizbank-mobilgirisi2021.com URL: http://wwwdenizbank-mobilgirisi2021.com/index_files/giris.css Protocol HTTP/1.1 Server 2606:4700:3034::6815:23b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers Referer http://wwwdenizbank-mobilgirisi2021.com/index_files/giris.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 19 Mar 2021 07:35:19 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rvgFp8FsampzGB3emt3sRa6SnBwL%2FpBUSrpoFKNpfyppvaticZGw7UpqPhEIRyv%2FSMoheFbc5GyPPpSy78GCOrGW3vBgYRZGQoehqiAWkkpr4oic4elXyPMhg2iCDzQAmG4KlqMydwCU1CGn4g%3D%3D"}]} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 632505f7ad24dffb-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08eb020ec90000dffb5109f000000001
GET H/1.1	404 Not Found	opensans-bold-webfont.1.woff wwwdenizbank-mobilgirisi2021.com/themes/izmir/fonts/	0 0	354ms 349ms	Font text/html	2606:4700:3034::6815:23b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://wwwdenizbank-mobilgirisi2021.com/themes/izmir/fonts/opensans-bold-webfont.1.woff Requested by Host: wwwdenizbank-mobilgirisi2021.com URL: http://wwwdenizbank-mobilgirisi2021.com/index_files/base.css Protocol HTTP/1.1 Server 2606:4700:3034::6815:23b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Origin http://wwwdenizbank-mobilgirisi2021.com Referer http://wwwdenizbank-mobilgirisi2021.com/index_files/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 19 Mar 2021 07:35:19 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Sc69a40r6GwmaL6X3O34G%2FfcZbcOHH7H7TiWJMKsJdCvgg4lC8Pc5OSTvvwkYP0a1q9ER37nNlz1V4D3hj%2Fq6VyhFoXX57aZnYwz1J6pdbxOXxNnO67bZTVvApijZ8OGquOOEpasB60G9zCWxw%3D%3D"}]} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 632505f5bea9d6e9-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08eb020d960000d6e9073a8000000001
GET H/1.1	404 Not Found	opensans-light-webfont.1.woff wwwdenizbank-mobilgirisi2021.com/themes/izmir/fonts/	0 0	363ms 358ms	Font text/html	2606:4700:3034::6815:23b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://wwwdenizbank-mobilgirisi2021.com/themes/izmir/fonts/opensans-light-webfont.1.woff Requested by Host: wwwdenizbank-mobilgirisi2021.com URL: http://wwwdenizbank-mobilgirisi2021.com/index_files/base.css Protocol HTTP/1.1 Server 2606:4700:3034::6815:23b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Origin http://wwwdenizbank-mobilgirisi2021.com Referer http://wwwdenizbank-mobilgirisi2021.com/index_files/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 19 Mar 2021 07:35:19 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"max_age":604800,"report_to":"cf-nel"} Server cloudflare Vary Accept-Encoding Report-To {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SnisHglzZ6kYk1ioNPlFlnlycJwZVTIJ9xwl11m884pR6k%2B46jGAXZ5A%2Fb8S1JG2OlW3fE%2BcVF3WrnCJXCbX0l5EVHCOfWZ%2BjUfH78ZvEJl95dlfmEvfl5V9RAfncQYaR5JR4zX%2FWJzDSGswjQ%3D%3D"}]} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 632505f5be8b05b3-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08eb020d97000005b35cb5d000000001
GET H/1.1	404 Not Found	opensans-regular-webfont.1.woff2 wwwdenizbank-mobilgirisi2021.com/themes/izmir/fonts/	0 0	358ms 357ms	Font text/html	2606:4700:3034::6815:23b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://wwwdenizbank-mobilgirisi2021.com/themes/izmir/fonts/opensans-regular-webfont.1.woff2 Requested by Host: wwwdenizbank-mobilgirisi2021.com URL: http://wwwdenizbank-mobilgirisi2021.com/index_files/base.css Protocol HTTP/1.1 Server 2606:4700:3034::6815:23b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Origin http://wwwdenizbank-mobilgirisi2021.com Referer http://wwwdenizbank-mobilgirisi2021.com/index_files/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 19 Mar 2021 07:35:19 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0jdnJaXU9mBPBJsZ3aR9bFrQ9Pl3HjRJOVy79MROiFajxXWdhepOuZEmGXfR0w2lXBRud0dzcGKqi2qDC6AUmJQi8SXsO%2BWT%2BQdq2jkFfm3GfA%2BMi8nJfVQHjn%2FlyEXY2JYqIA98kBvD%2Blzw%2Bg%3D%3D"}],"max_age":604800} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 632505f7db60e007-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08eb020ee80000e007c9261000000001
GET H/1.1	404 Not Found	opensans-bold-webfont.1.woff2 wwwdenizbank-mobilgirisi2021.com/themes/izmir/fonts/	0 0	357ms 357ms	Font text/html	2606:4700:3034::6815:23b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://wwwdenizbank-mobilgirisi2021.com/themes/izmir/fonts/opensans-bold-webfont.1.woff2 Requested by Host: wwwdenizbank-mobilgirisi2021.com URL: http://wwwdenizbank-mobilgirisi2021.com/index_files/base.css Protocol HTTP/1.1 Server 2606:4700:3034::6815:23b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Origin http://wwwdenizbank-mobilgirisi2021.com Referer http://wwwdenizbank-mobilgirisi2021.com/index_files/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 19 Mar 2021 07:35:19 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jLHfeCQ9OPZxdDN%2BA%2F5SrSbRq39Cy%2FoBnu4DYYtXXPM9A0dgv03g61FBq3qu%2FjG6fs3NIqIRG9NtFhzFfDAwPJQjEpiDOkWB%2FWmFV5CZairn9%2FDiiFIc7Y8BLsW7j%2FwKiSzZCFGZbZ0nUaeF5w%3D%3D"}]} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 632505f7f843d6e9-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08eb020ef90000d6e9dfb65000000001
GET H/1.1	404 Not Found	opensans-light-webfont.1.woff2 wwwdenizbank-mobilgirisi2021.com/themes/izmir/fonts/	0 0	339ms 338ms	Font text/html	2606:4700:3034::6815:23b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://wwwdenizbank-mobilgirisi2021.com/themes/izmir/fonts/opensans-light-webfont.1.woff2 Requested by Host: wwwdenizbank-mobilgirisi2021.com URL: http://wwwdenizbank-mobilgirisi2021.com/index_files/base.css Protocol HTTP/1.1 Server 2606:4700:3034::6815:23b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Origin http://wwwdenizbank-mobilgirisi2021.com Referer http://wwwdenizbank-mobilgirisi2021.com/index_files/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 19 Mar 2021 07:35:19 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"max_age":604800,"report_to":"cf-nel"} Server cloudflare Vary Accept-Encoding Report-To {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Av1qm0BBQqRqeIi74TSHd3lyPwWvRM6On98XeAzRH7RHwoQJk9%2FAcJG%2BnqHT2fs6JbcnUvBOAdhQq2RmJGMtHhimOYpZm5FoiO7ukIZPnspMY8bqyvdARakv%2F1OImgh5CHlTtYKJxyrY8QhBIw%3D%3D"}]} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 632505f7f8c805b3-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08eb020efe000005b38400b000000001
GET H/1.1	404 Not Found	opensans-regular-webfont.1.ttf wwwdenizbank-mobilgirisi2021.com/themes/izmir/fonts/	0 0	354ms 354ms	Font text/html	2606:4700:3034::6815:23b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://wwwdenizbank-mobilgirisi2021.com/themes/izmir/fonts/opensans-regular-webfont.1.ttf Requested by Host: wwwdenizbank-mobilgirisi2021.com URL: http://wwwdenizbank-mobilgirisi2021.com/index_files/base.css Protocol HTTP/1.1 Server 2606:4700:3034::6815:23b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Origin http://wwwdenizbank-mobilgirisi2021.com Referer http://wwwdenizbank-mobilgirisi2021.com/index_files/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 19 Mar 2021 07:35:19 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=buLVbhEQ3ISvxwm24qEMc2mCAKRF1U1T8I3pu%2BZpDTHfNoBlS%2BZoGXmL5OUXr745Fk4UcFW2G28xV5iUdq%2FRwdjhFJQip%2Fo%2FSY30E1vSXP%2F45QK%2F2rdCcHqEARVJesO%2FQw7wJ%2Bu2H5qOMaQ0Ng%3D%3D"}],"max_age":604800} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 632505fa1d58e007-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08eb02104f0000e0077110c000000001
GET H/1.1	404 Not Found	opensans-light-webfont.1.ttf wwwdenizbank-mobilgirisi2021.com/themes/izmir/fonts/	0 0	354ms 354ms	Font text/html	2606:4700:3034::6815:23b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://wwwdenizbank-mobilgirisi2021.com/themes/izmir/fonts/opensans-light-webfont.1.ttf Requested by Host: wwwdenizbank-mobilgirisi2021.com URL: http://wwwdenizbank-mobilgirisi2021.com/index_files/base.css Protocol HTTP/1.1 Server 2606:4700:3034::6815:23b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Origin http://wwwdenizbank-mobilgirisi2021.com Referer http://wwwdenizbank-mobilgirisi2021.com/index_files/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 19 Mar 2021 07:35:19 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"max_age":604800,"report_to":"cf-nel"} Server cloudflare Vary Accept-Encoding Report-To {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rARniLPM0LJSo87MsoWfwqbG21mMugiGlMMs0eEIDB1RD3AW%2BpHZ3703SUG8qbAKeNcHeY%2FNAmyfAocsGioWXksa7dzOZn69EpAxqqxTteetkWcpYZX5e2uYmnQNuZvhyVOCUa2S1HFrqwH6Zg%3D%3D"}]} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 632505fa1b3e05b3-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08eb021052000005b399a22000000001
GET H/1.1	404 Not Found	opensans-bold-webfont.1.ttf wwwdenizbank-mobilgirisi2021.com/themes/izmir/fonts/	0 0	344ms 344ms	Font text/html	2606:4700:3034::6815:23b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://wwwdenizbank-mobilgirisi2021.com/themes/izmir/fonts/opensans-bold-webfont.1.ttf Requested by Host: wwwdenizbank-mobilgirisi2021.com URL: http://wwwdenizbank-mobilgirisi2021.com/index_files/base.css Protocol HTTP/1.1 Server 2606:4700:3034::6815:23b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Origin http://wwwdenizbank-mobilgirisi2021.com Referer http://wwwdenizbank-mobilgirisi2021.com/index_files/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 19 Mar 2021 07:35:19 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RRTEdZT1KXIuE7OPT8JRk0EUWmGn4FTvn5tTaN1AX%2F3xuPTb1zNwxuKUSv6qppZbBoFQRHcicNYEKYNIBAhO3B2sI6XhI0O2%2FycpC%2FzMIfg2X30GNLrvT9dFby8JrKYwvn4a%2FFW0yqq7vypbGQ%3D%3D"}]} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 632505fa3a74d6e9-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08eb0210600000d6e947a05000000001

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Turkish Government (Government) BDDK (Banking)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.wwwdenizbank-mobilgirisi2021.com/	1970-01-19 17:38:51	Name: __cfduid Value: d9e7f06e504f83f2065dbc6d94900044a1616139317

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.e-devlet.gov.tr
wwwdenizbank-mobilgirisi2021.com
2606:4700:3034::6815:23b9
31.3.2.109
39966ec7eea8f508184cef9f98895a0e8d74e3328a43cc8a93c528cfca888691
5e002677cbc74b8ece199259c3000ad851348079c777165d04d76e7a28e0ca48
7240d65c7509f145e5147366d7393a1fd182cac4e950b15d2089c62b7e282d41
73f7279807a6872a399e9f1b335ddf2a847f29784d4f769adfe18e0f96c0f232
a4745f259315892f1d3a76a0d8f524729e50ac83d4a8a53deda91970a1bf3dbb
b2f75fb62c0bf3c51f8eebc14891cf56976638fda4b0d23f90e2ee6dbd8f3b18
cfb8a9caefce53e4f22c19370b30501833b12ff39d92cfb389656886985a8531
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
ff7498da718b1f50faeefae71e24ceadf4575da0692b84c9a1ad359daa1f2ff2

wwwdenizbank-mobilgirisi2021.com Open in urlscan Pro 2606:4700:3034::6815:23b9 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

19 Requests

5 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

61 kBTransfer

216 kBSize

1 Cookies

2 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

1 Cookies

Indicators

wwwdenizbank-mobilgirisi2021.com Open in urlscan Pro
2606:4700:3034::6815:23b9 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

5 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

61 kB
Transfer

216 kB
Size

1
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!